Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes this technique as “reverse attack analysis for detection” and shows us how to do it in this technical segment!